Have an app running in GCP using App Engine and secured by IAP. To the best of my knowledge IAP uses OAuth, but when I open the app in the browser and inspect the outgoing XHR requests I don't see the HTTP Authorization header on any of them. There does appear to be a token in the cookies though, something named GCP_IAAP_AUTH_TOKEN. Just wondering if this is still considered OAuth or is it some other form of authentication?
Does OAuth always use the HTTP Authorization header?
589 Views Asked by Dandan At
1
There are 1 best solutions below
Related Questions in OAUTH
- Using html5 localstorage instead of cookies with passport.js
- OAuth integration with QuickBooks using Scribe
- OAuth with Developer tokens
- Oauth in Tyrus WebSocket
- Accessing Picasa Web API using PHP
- how can I access user details through "oauth_token" from twitter api in ionic framework
- Is my JWT refresh plan secure?
- When to refresh token?
- SignalR oAuth on self host
- Bearer token in MVC controller to access Web API
- OAuthorization through app or web api
- Authenticating mobile app login using webservice using oauth connection
- Testing local rails application with OAuth
- Configure the authorization server endpoint
- Azure Active Directory Login: Web App Permissions, User Consent not triggered
Related Questions in GOOGLE-CLOUD-PLATFORM
- Google Logging API - What service name to use when writing entries from non-Google application?
- Custom exception message from google endpoints exception
- Unable to connect database of lamp instance from servlet running on tomcat instance of google cloud
- How to launch a Jar file using Spark on hadoop
- Google Cloud Bigtable Durability/Availability Guarantees
- How do I add a startup script to an existing VM from the developer console?
- What is the difference between an Instance and an Instance group
- How do i change files using ftp in google cloud?
- How to update all machines in an instance group on Google Cloud Platform?
- Setting up freeswitch server on Google cloud compute
- Google Cloud Endpoints: verifyToken: Signature length not correct
- Google Cloud BigTable connection setup time
- How GCE HTTP Cross-Region Load Balancing implemented
- Google Cloud Bigtable compression
- Google cloud SDK code to execute via cron
Related Questions in GOOGLE-CLOUD-IAM
- Terraform throws Error setting IAM policy for service account ... Permission iam.serviceAccounts.setIamPolicy is required
- How do I give a Gsuite group or user access to impersonate all Google service accounts
- Unable to start/stop an AI Platform Notebook Instance in AI Platform but Able to in Compute Engine
- Change - Google cloud storage, transfer Service - Change Object ownership
- Cloud SQL Postgres Flag: cloudsql.iam_authentication?
- Using worker identity with gcloud
- Google Cloud Platform: How to fetch permissions assigned for particular Identity across all GCP resources via REST call
- GCP Cloud Function - ERROR fetching storage source during build/deploy
- Creating IAM members in GCP throws error The size of the policy is too large
- Preventing Access to a Bucket in GCP
- Can't change policies of a project event though I am its owner
- How can I authenticate google cloud sdk onto my docker image?
- How to grant a serviceAccount the editor role only on their own pubsub subscriptions
- How can i limit an user account to impersonate only some target service accounts?
- Permission denied error when calling Google Cloud Run API from Cloud Scheduler
Related Questions in GOOGLE-IAP
- How to unactive IAP in google cloud project?
- Securing GAE/Cloud Run app with IAP but excluding static content
- IAP from Service account OIDC Token : 401 Unauthorized
- How to protect Google Cloud Functions with Identity-Aware-Proxy
- Is there a way to change resource authentication method to external via API?
- How to authenticate with web services on App Engine
- Enable CORS with Google IAP
- Does OAuth always use the HTTP Authorization header?
- Identity Aware Proxy (IAP) for a URL - Google app engine
- Serve content from a Google Cloud Storage bucket using Identity-Aware Proxy (IAP)
- GCP IAP Java example returning ComputeEngineCredentials instead of ServiceAccountCredentials
- Service to service requests on App Engine with IAP
- Google Cloud Identity Aware Proxy over Corporate Proxy
- CDAP DataFusion GET Pipeline Runs Invalid IAP Credentials Error
- Query based parameter routing Google load balancer - IAP
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Cloud IAP can use either the cookie
GCP_IAAP_AUTH_TOKENorAuthorization: Bearer. Both are derived from OAuth2.Authenticating with OpenID Connect